package com.tuzhi.auth.sys.scurity.impl;

import com.tuzhi.util.StringTzUtil;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import javax.annotation.PostConstruct;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

@Component
public class SecurityConfigImpl {
    //private static final Logger log = LoggerFactory.getLogger(SecurityConfig.class);


    /**
     * 配置文件中不需要鉴权的地址
     */
    @Value("${security.anonUrl:test}")
    private String anonUrl;

    /**
     * api验证签名
     */
    @Value("${security.sign_code:tz_sys_api}")
    private String signCode;

    @Value("${security.timestampTolerance:5000}")
    private long timestampTolerance;
    Set<String> permitList = new HashSet<>();

    @PostConstruct
    public void init() {
        setPermitList();
    }


    private void setPermitList() {
        str2List(permitList, anonUrl);
    }

    public Set<String> getPermitList() {
        return permitList;
    }

    public String getSignCode() {
        return signCode;
    }

    public long getTimestampTolerance() {
        return timestampTolerance;
    }

    /**
     * 不鉴权地址允许防问
     *
     * @param url
     * @return
     */
    public boolean isPermitUri4NoAuthUrl(String url) {
        return permitList.contains(url);
    }

    /**
     * 把配置文件中的字符串转换成list,去除前后空格
     * a
     *
     * @param permitList
     * @param strs
     */
    private void str2List(Set<String> permitList, String strs) {
        if (StringUtils.isNotEmpty(strs)) {
            List<String> authUrls = StringTzUtil.splitList(strs, ",");
            for (String url : authUrls) {
                permitList.add(StringUtils.trim(url));
            }
        }
    }


}
